Domande frequenti

General

If you have found a bug or wish to request a feature in our software, you can also report it as an issue against the appropriate GitHub repository.

You can also post questions on our subreddit. In some cases fellow GreenAddress users may be able to respond to your query before we are able to.

What is your support policy?

Support is offered on a best-effort basis. We prioritize addressing security problems and bugs in the software providing the service.

If your question is answered in this FAQ, and in particular, if it pertains to lost credentials, it may be some time before we respond to you.

Unfortunately we receive a large volume of spurious email and we cannot always respond instantly. We are working to improve our email response time and will update this FAQ whenever the support policy or support solution is changed. If you have specific support requirements please contact us to discuss your needs.

What features does GreenAddress offer?

For a simple high level comparison with similar services please see here.

We aim to provide a convenient-to-access wallet that emphasizes security and privacy:

Convenience

Easy access from anywhere

All access controlled by a single user mnemonic phrase

A simple interface with up to date fiat price conversion

Fast PIN login

Watch-only logins for quick balance and transaction checking

Instant transaction support

Easy key sweeping to import coins

Sub-accounts for 2of2 and 2of3 signature transactions

Security

Multiple two-factor authentication options

GreenAddress signature required to move coins

Transaction limits and restrictions

Hardware wallet support

Recovery ("nLocktime") transactions

2of3 accounts for user controlled backup keys

Privacy

User secrets are never transmitted to our servers

User secrets are never stored unencrypted on your device

Minimal information is stored by the service

Optional PGP encryption for user emails

What are "2of2" and "2of3" accounts?

2of2 and 2of3 refer to the number of signatures required to move coins in a transaction.

Your main GreenAddress account is a 2of2 account. This means that two signatures are required to validate any transaction: one from you, and one from us. We sign your transaction only if it complies with the limits you have enabled, and only when you provide two-factor authentication. This means that a potential coin thief has to first access your wallet and then also hack into your two-factor authentication in order to try to steal your coins.

A 2of3 account requires two out of three signatures, where the third signature is from a backup key known only to you. This gives you the security benefits of a 2of2 account, while still allowing you to move your coins in the event that the GreenAddress service is unavailable.

You can read more about 2of3 recovery here. Please see below for details of recovery transactions which allow you to move coins from 2of2 accounts.

What are "instant transactions"?

When you send an ordinary Bitcoin transaction, the recipient of the coins must take care that the transaction is confirmed (mined into a block on the blockchain) so that they cannot be defrauded. An attempt to defraud is usually made by "double spending" coins - after sending a transaction to someone, the inputs are then re-spent in a new transaction that pays someone else.

To avoid this risk, it is usually recommended to wait for at least six blocks after the transaction is mined. This introduces undesirable delays when sending.

Because GreenAddress 2of2 accounts only allow sending coins when they are signed by both you and us, the service can act as a kind of guarantee that your coins cannot be double spent, since the service will not sign another transaction for the same coins when one is already in-flight. Services that choose to rely on this can therefore trust that a transaction they receive from GreenAddress cannot be double spent, eliminating the need to wait for the transaction to confirm.

These are known as instant transactions and they can be sent by ticking the "instant" checkbox when sending coins from our wallet software.

What are "nLocktime"/recovery transactions?

Funds in your main GreenAddress account (or a multisignature 2of2 subaccount) require 2 signatures to be spent: one from you and one from GreenAddress. In order to protect you from loss of access to your funds should GreenAddress become unavailable GreenAddress automatically creates pre-signed transactions which you can subsequently countersign to recover the funds to an address controlled solely by you. These transactions are called nLockTime transactions because they can only be spent and confirmed by the network after a specific period of time.

If the service becomes unavailable, you simply wait until the specified period (90 days by default), then sign and send the transaction using our open source recovery tool garecovery.

Why am I am being asked to redeposit my funds?

Once the nLockTime period expires these nLockTime transactions would allow you to recover the funds in the 2of2 account without requiring GreenAddress's signature. This also means that any limits placed on your spending in GreenAddress, such as 2FA requirements, cease to be enforceable by GreenAddress, and that these funds are no longer available for use in instant transactions because GreenAddress cannot guarantee that you have not tried to double spend them.

At this point GreenAddress will prompt you to redeposit the coins by sending them to yourself. This creates a new nLocktime transaction for you, while re-protecting the coins by once again requiring a GreenAddress signature to spend them. In this way you can take advantage of instant transactions from 2of2 accounts, while always being sure you can retrieve your funds if the service is off-line.

Why am I charged a fee to redeposit my 2of2 funds?

The redeposit operation is a standard bitcoin transaction and as such is subject to the usual network transaction fees.

How can I avoid these 2of2 redeposit fees?

You can place your funds in a GreenAddress 2of3 account, in which case GreenAddress does not generate nLockTime transactions and therefore no redeposits are necessary.

Is there any other way of limiting the fees I pay for 2of2 redeposits?

You can increase the nLockTime period on your account which will reduce the frequency of the redeposits. The downside of this is that should you need to recover your funds, for example because you lose your two factor authentication, you will have to wait for longer.

What happens if I do not redeposit my 2of2 funds?

We recommend that you redeposit your funds when reminded, however redepositing is optional and failure to redeposit will not necessarily lead to the loss of any funds. The main consequences of not redepositing are:

The funds in the account will no longer be eligible for instant confirmations because GreenAddress can no longer guarantee that you have not tried to double spend them.

It becomes possible that anyone with access to both your mnemonic and the nLockTime.zip file sent to you by GreenAddress could steal the funds, bypassing any two factor authentication measures.

Is it possible to sign arbitrary messages to prove ownership of GreenAddress 2of2 accounts?

No, GreenAddress does not support this. GreenAddress will only sign standard bitcoin transactions.

Do you support Tor? Do you have an Onion site?

Yes, our https site supports Tor users. Our mainnet production site is at http://s7a4rvc6425y72d2.onion, and testnet is at http://gu5ke7a2aguwfqhz.onion.

The GreenBits wallet for Android has direct support for Tor to be used with Orbot via SOCKS5 (or any SOCKS5 proxy that understands Tor).

Sending and receiving coins

How do I transfer money to and from GreenAddress?

Unfortunately, many banks and payment services such as PayPal don't yet support Bitcoin directly. For the time being, you can exchange your money using bank transfers (and sometimes debit or credit cards) via an intermediary like a Bitcoin exchange or a broker.

There are also online services and communities where you can arrange to exchange cash for Bitcoin. This is an area of rapid change and innovation and so we do not list or specifically recommend any services in this space. The best service for you depends on many factors. We suggest you locate local services using your favorite search engine and careful review.

Can I migrate from another wallet like blockchain.info? Can I sweep private keys into my wallet?

Yes. From the Receive Money tab in our wallet applications, enter your private key and the coins will be swept into your wallet.

I don't see an expected incoming transaction in my wallet! What's happening?

You should see new transactions in your wallet within seconds of it being sent by the payer. If you do not, and you can see the transaction in an online block explorer and/or it has confirmations, please contact support with the transaction id and/or address you used if available.

If you can not see your transaction in a block explorer, it probably means it is still propagating or had a failure in doing so (For example, setting the fee too low can cause transactions to be dropped).

What are the service limits? Can I use it as much as I want?

We have sensible rate limits to prevent the service from denial of service attacks. It is extremely unlikely that a user will encounter these limits under normal use. If you find that you are hitting a rate limit, please contact support with the details.

If you have a requirement that exceeds the current limits, please feel free to contact us to discuss your needs further.

Why does my receiving address change all the time? Can I reuse an old address?

Addresses change constantly for privacy and security reasons. Re-using old addresses makes it easier for others to group transactions together and can be less secure. While GreenAddress does correctly process multiple payments to the same address, we recommend not re-using them.

Addresses should be thought of as one-time receipt IDs rather than as unchanging identifiers such as traditional bank wire details.

Note that our API exposes a GreenAddress receiving ID which can be used to fetch new addresses to pay to. Please see the API documentation for more details.

Where can I find my old addresses?

All previously generated addresses are available in the Receive tab under Advanced Options when using the Chrome or Cordova wallet clients.

Do you have donate/send money graphics for linking to users payment URLs?

Feel free to use one of the buttons below on your website:

Sicurezza

Dove sono conservate le chiavi dei mie Bitcoin?

Your private keys are not stored. They are derived on demand from your mnemonics as a seed to a BIP32 hierarchical wallet.

Your mnemonics are encrypted and stored locally only when PIN login is enabled (See below).

Your mnemonics and private keys are never sent to the server. The server receives the public key and chaincode for generated addresses only.

How does using a PIN work securely?

When you create a PIN, a random 256 bit AES password is created and used to encrypt your mnemonics and store them on your device in encrypted form. This password is sent to the server and destroyed on the client.

If the server is given the correct PIN when logging in, it will return the password to the device in order to decrypt the mnemonics. If the server is given the wrong PIN three times, it will destroy the password at which point the user must use their mnemonics to log in. Note that the server never sees your mnemonics at any point.

We suggest using a long PIN for better security.

I lost my PIN, help!

If you can't remember the PIN you use to login to your wallet, you will need to use your mnemonics to log in instead. After entering the wrong PIN three times, the back end service will delete its copy of your wallet's random decryption key, at which point the PIN can no longer be used.

Your wallet client will then ask you to login using your mnemonics and you can resume using the service as normal.

I lost my mnemonics/mnemonics and passphrase, help!

The service never knows your mnemonics or passphrase; We cannot help you recover them if they are lost.

If you have a wallet with PIN entry enabled, you can use your PIN to log in to the wallet and then view the mnemonics from the settings menu. You should then write them down and store them safely.

In all other cases you will only be able to retrieve your mnemonics by brute force trying various combinations of valid words. This is similar to how a hacker might try to break into your wallet, and is not generally feasible.

If you have some information about the mnemonic/mnemonic passphrase available, for example you have most of the words, or you know that your passphrase will only contain certain characters or is a certain length, then you may be able to use this to recover your wallet, although it is still extremely unlikely. You should research third party services for wallet recovery, as GreenAddress does not offer assistance or support for wallet cracking for obvious reasons.

I lost my two-factor/mobile/etc (email/OTP|Authenticator/etc), what can I do?

You should always have at least two two-factor options enabled. Additionally for OTP/Authenticator you should back up the initial seed number and/or QR code displayed. Provided you keep these backups you can maintain access to your coins even if you lose access to one method for any reason.

In cases where you have lost access to all two-factor methods, we have no way to return control of your coins to you. We take our users' security very seriously; we have never disabled two-factor authentication for any user once enabled, unless explicitly authorized to do so via another two-factor authentication method. We follow the restrictions that you placed on your account without exception.

If your coins are in a 2of2 account then you will need to recover your authentication, we cannot disable it in this or any other case. Alternately, if you had enabled nLocktime transactions then you can use them to recover your coins after the nLocktime expires (90 days by default).

If you transferred your coins to a 2of3 account then you can move them without two-factor authentication since you have 2 of the 3 required signatures. If not, then unless you can recover your authorization we cannot help you.

We remind users during two-factor setup to make backups of things like OTP/Authenticator and to enable multiple two-factor options to prevent this situation from happening. As noted, 2of3 accounts can be used to avoid requiring authentication also.

We understand this is upsetting, and we are actively working on potential solutions to overcome this problem in the future, such as CLTV/CSV and opt-in methods of resetting two-factor authentication with safeguards.

These future mitigations require careful design and development to ensure that they cannot be exploited by attackers. It may be some time before we can safely implement them.

Future developments in two-factor processing will be notified in our applications and this FAQ.

I didn't receive a two-factor authentication SMS, what's going on?

SMS delivery is not perfect and sometimes there can be delays or failures. Some countries can be more affected than others depending on factors like the reliability of the underlying mobile infrastructure. For this and other reasons (such as security weaknesses of SMS and recovery necessities) we advise you to enable a better mechanism such as email with GPG or OTP/Authenticator. You should always have at least two two-factor methods enabled to maintain access to your coins.

I didn't receive a two-factor authentication email, what happened?

Email delivery is not guaranteed and sometimes there can be delays or a failure in delivery. It is also possibly for anti-spam systems to mistakenly classify two-factor emails as spam or strip the attachments from them. Please ensure you check your spam folders and give the email time to arrive. If you regularly have issues receiving email you may wish to adjust your spam settings, whitelist the sender in your client, or move to a more configurable provider.

What happens if your service goes away? Will I lose my coins?

GreenAddress is designed to allow you to recover your coins if the service ceases to be available. Make sure you keep your mnemonics and nLocktime/recovery transaction emails so that you can independently recover your coins. Please see the section "What are "nLocktime"/recovery transactions?" above for more details.

Fees

What does GreenAddress charge for the service?

GreenAddress does not currently charge fees for any of its services. If we add a fee for any service in the future, this will be clearly communicated and opt-in.

Enterprise clients and those seeking custom solutions are welcome to contact us to discuss arrangements for extra services and support.

I see there is a fee in transactions, who is the recipient? Why do I have to pay?

The fee you see in the sending transaction dialog is paid to Bitcoin miners to confirm your transaction (i.e. add it to the Bitcoin blockchain). Transactions fees change according to the demand on the Bitcoin network.

Miners may ignore or delay transactions with extremely low fees. GreenAddress automatically calculates a fee that aims for your transaction to be mined quickly. We do not aim for the absolute fastest possible confirmation time since doing so may be very expensive. Most of our wallet clients allow you to change the fee. This can be useful if you want to ensure a transaction confirms even more quickly (by increasing the default fee), or to lower the fee if you do not care how long the transaction takes to confirm.

Unless you are experienced in using Bitcoin, we suggest you use the default fee calculated for you by the wallet.

What is the minimum fee/amount I can send?

This is variable and depends on Bitcoin network conditions.

All GreenAddress wallets provide a confirmation dialog with fee information and a payment is generally denied if the amount is below what the network will accept.

What is Transaction Replacement/Replace-By-Fee/RBF/"Bump Fee"?

When you send a transaction a fee is included as a reward to the miner that mines the transaction into a block (see above). If the fee is set too low the transaction can become stuck because the incentive is not sufficient for a miner to mine it. In this case it is possible to replace the transaction with one with a higher fee. This is called "bump fee" in the client, and is also known as "replace-by-fee" or "RBF".

All of our applications are open source and you can contribute to their development on GitHub.

Do you have an API available for developers?

Yes, you can see our API documentation at our GitHub pages and our open source applications here. If you are building a service that will use GreenAddress, we suggest you get in touch to discuss your requirements and ensure your use of the service will be secure.

Cookies are unique identifiers that we use to enable our services to recognize your device and provide features such as remembering your language preference and security for some common web issues. We ask you to accept the use of our cookie in accordance with EU law.